[tor-commits] [tor-browser-bundle/master] Update gitian/*.sh scripts for incremental mars
mikeperry at torproject.org
mikeperry at torproject.org
Fri Oct 24 23:56:05 UTC 2014
commit f1472e59d24945d3f05a740925a05c4bfac4ccc7
Author: Nicolas Vigier <boklm at torproject.org>
Date: Mon Oct 20 18:35:50 2014 +0200
Update gitian/*.sh scripts for incremental mars
Running tools/update-responses/update-responses will generate
incremental mar files in the gitian/$release directory.
hash-bundles.sh has been updated to exclude the incremental mars from
sha256sums.txt and include them in sha256sums.incrementals.txt. Some
makefile rules (hash, hash-alpha, hash-beta, hash-nightly) to run
hash-bundles.sh have been added.
upload-signature.sh has been updated to sign and upload
sha256sums.incrementals.txt if present.
check-match.sh has been updated to match sha256sums.incrementals.txt if
present.
An 'incrementals' makefile rule has also been added to run the
update_responses script to generate incremental mars.
---
gitian/Makefile | 15 +++++++++++++++
gitian/check-match.sh | 44 ++++++++++++++++++++++++++++++++++++++++++--
gitian/hash-bundles.sh | 8 ++++++--
gitian/upload-signature.sh | 9 ++++++++-
4 files changed, 71 insertions(+), 5 deletions(-)
diff --git a/gitian/Makefile b/gitian/Makefile
index 3967795..2c17656 100644
--- a/gitian/Makefile
+++ b/gitian/Makefile
@@ -32,6 +32,21 @@ build-beta:
./mkbundle-mac.sh versions.beta
./hash-bundles.sh versions.beta
+incrementals:
+ ../tools/update-responses/update_responses
+
+hash:
+ ./hash-bundles.sh versions
+
+hash-alpha:
+ ./hash-bundles.sh versions.alpha
+
+hash-beta:
+ ./hash-bundles.sh versions.beta
+
+hash-nightly:
+ ./hash-bundles.sh versions.nightly
+
sign:
$(TORSOCKS) ./upload-signature.sh versions
diff --git a/gitian/check-match.sh b/gitian/check-match.sh
index 09bf179..43d1ef1 100755
--- a/gitian/check-match.sh
+++ b/gitian/check-match.sh
@@ -26,6 +26,7 @@ fi
. $VERSIONS_FILE
VALID=""
+VALID_incrementals=""
for u in $USERS
do
@@ -49,14 +50,53 @@ do
VALID="$u $VALID"
done
+cd ../..
+if [ -f $TORBROWSER_VERSION/sha256sums.incrementals.txt ]
+then
+ for u in $USERS
+ do
+ cd $WRAPPER_DIR
+
+ # XXX: Is there a better way to store these and rename them?
+ mkdir -p $TORBROWSER_VERSION/$u
+ cd $TORBROWSER_VERSION/$u
+
+ wget -U "" -N https://$HOST/~$u/builds/$TORBROWSER_VERSION/sha256sums.incrementals.txt || continue
+ wget -U "" -N https://$HOST/~$u/builds/$TORBROWSER_VERSION/sha256sums.incrementals.txt.asc || continue
+
+ keyring="../../gpg/$u.gpg"
+
+ # XXX: Remove this dir
+ gpghome=$(mktemp -d)
+ GNUPGHOME="$gpghome" gpg --import "$keyring"
+ GNUPGHOME="$gpghome" gpg sha256sums.incrementals.txt.asc || exit 1
+
+ diff -u ../sha256sums.incrementals.txt sha256sums.incrementals.txt || exit 1
+
+ VALID_incrementals="$u $VALID_incrementals"
+ done
+fi
+cd ../..
+
+exit_val=0
if [ -z "$VALID" ];
then
echo "No bundle hashes or sigs published for $TORBROWSER_VERSION."
echo
- exit 1
+ exit_val=1
else
echo "Matching bundles exist from the following users: $VALID"
- exit 0
fi
+if [ -f $TORBROWSER_VERSION/sha256sums.incrementals.txt ]
+then
+ if [ -z "$VALID_incrementals" ]
+ then
+ echo "No incremental mars hashes or sigs published for $TORBROWSER_VERSION."
+ else
+ echo "Matching incremental mars exist from the following users: $VALID_incrementals"
+ fi
+fi
+
+exit $exit_val
diff --git a/gitian/hash-bundles.sh b/gitian/hash-bundles.sh
index 20a26d0..2684158 100755
--- a/gitian/hash-bundles.sh
+++ b/gitian/hash-bundles.sh
@@ -18,8 +18,12 @@ fi
export LC_ALL=C
cd $TORBROWSER_VERSION
-rm -f sha256sums.txt
-sha256sum `ls -1 | sort` > sha256sums.txt
+rm -f sha256sums.txt sha256sums.incrementals.txt
+sha256sum `ls -1 | grep -v '\.incremental\.mar$' | sort` > sha256sums.txt
+if ls -1 | grep -q '\.incremental\.mar$'
+then
+ sha256sum `ls -1 | grep '\.incremental\.mar$' | sort` > sha256sums.incrementals.txt
+fi
echo
echo "If this is an official build, you should now sign your result with: "
diff --git a/gitian/upload-signature.sh b/gitian/upload-signature.sh
index ffb97fe..58059aa 100755
--- a/gitian/upload-signature.sh
+++ b/gitian/upload-signature.sh
@@ -28,7 +28,14 @@ then
popd
fi
+if [ -f $TORBROWSER_VERSION/sha256sums.incrementals.txt ] \
+ && [ ! -f $TORBROWSER_VERSION/sha256sums.incrementals.txt.asc ]
+then
+ pushd $TORBROWSER_VERSION && gpg -abs sha256sums.incrementals.txt
+ popd
+fi
+
ssh $HOST "mkdir -p $BASE_DIR/$TORBROWSER_VERSION"
-scp $TORBROWSER_VERSION/sha256sums.txt* $HOST:$BASE_DIR/$TORBROWSER_VERSION/
+scp $TORBROWSER_VERSION/sha256sums*.txt* $HOST:$BASE_DIR/$TORBROWSER_VERSION/
ssh $HOST "chmod 755 $BASE_DIR/$TORBROWSER_VERSION && chmod 644 $BASE_DIR/$TORBROWSER_VERSION/*"
More information about the tor-commits
mailing list